Category: TechGeek World

Would you like to know the network status of your computer, or which network connections are open between your computer and networked or remote computers? Netstat is the right DOS command to use to find this information.

The netstat command is a Command Prompt command used to display very detailed information about how your computer is communicating with other computers or network devices.

Specifically, the netstat command can show details about individual network connections, overall and protocol-specific networking statistics, and much more, all of which can help you troubleshoot certain kinds of networking issues or application communication issues. The command is also useful for finding malicious traffic from external IPs and open ports.

There are many more information resources available on the internet for understanding the use of the Netstat command.

One of the simplest ways I use to find the current network connections and their status is to run the following Netstat command and export the data to a text file to ease my job.

Syntax:

Go to command prompt.

Start → Run → cmd → OK

In the command-line window, type

netstat -anob > port.txt and press Enter

Then type port.txt

It will open port.txt with information about the source IP, destination IP and ports used.

For example, the above command should look like

C:\>netstat -anob > port.txt

C:\>port.txt

When you open the text file, you will see TCP (Transmission Control Protocol) operations and their status. Refer to the following table for the most common TCP connection states.

| TCP connection state | Represents |
|---|---|
| LISTEN | (server) represents waiting for a connection request from any remote TCP and port. |
| SYN-SENT | (client) represents waiting for a matching connection request after having sent a connection request. |
| SYN-RECEIVED | (server) represents waiting for a confirming connection request acknowledgment after having both received and sent a connection request. |
| ESTABLISHED | (both server and client) represents an open connection, data received can be delivered to the user. The normal state for the data transfer phase of the connection. |
| FIN-WAIT-1 | (both server and client) represents waiting for a connection termination request from the remote TCP, or an acknowledgment of the connection termination request previously sent. |
| FIN-WAIT-2 | (both server and client) represents waiting for a connection termination request from the remote TCP. |
| CLOSE-WAIT | (both server and client) represents waiting for a connection termination request from the local user. |
| CLOSING | (both server and client) represents waiting for a connection termination request acknowledgment from the remote TCP. |
| LAST-ACK | (both server and client) represents waiting for an acknowledgment of the connection termination request previously sent to the remote TCP (which includes an acknowledgment of its connection termination request). |
| TIME-WAIT | (either server or client) represents waiting for enough time to pass to be sure the remote TCP received the acknowledgment of its connection termination request. According to RFC 793, a connection can stay in TIME-WAIT for a maximum of four minutes, known as an MSL (maximum segment lifetime). |
| CLOSED | (both server and client) represents no connection state at all. |

Again, this is just basic info on using the netstat command and not detailed information on how the TCP/IP protocol communicates over the network. You can refer to the above links or the below link for more detailed information.
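To get from port.txt to the two things the post says netstat is useful for (open ports and traffic to external IPs), the following added example, which is not part of the original post, parses `netstat -anob` output and attributes each row to the executable printed under it. The sample text, its addresses and the name browser.exe are constructed; netstat itself prints LISTENING and underscore forms such as TIME_WAIT, which the code maps to the state names in the table above.

```python
import re

# Constructed sample in the layout `netstat -anob` writes to port.txt (not real data).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  RpcSs
 [svchost.exe]
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
 Can not obtain ownership information
  TCP    192.168.1.10:49712     203.0.113.5:443        ESTABLISHED     5120
 [browser.exe]
  TCP    192.168.1.10:49720     198.51.100.7:8080      TIME_WAIT       0
  TCP    [::]:135               [::]:0                 LISTENING       884
 [svchost.exe]
  UDP    0.0.0.0:5353           *:*                                    1820
"""

ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)\s+(?:([A-Z_0-9]+)\s+)?(\d+)\s*$")
EXE = re.compile(r"^\s*\[(.+)\]\s*$")  # owner line printed by -b, e.g. [svchost.exe]

def split_endpoint(endpoint):
    return endpoint.rpartition(":")[::2]  # split on the last colon so [::]:135 survives

def parse_netstat(text):
    """Return one dict per connection row; 'exe' is filled from the [name] line under it."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            proto, local, remote, state, pid = m.groups()
            # netstat prints LISTENING / TIME_WAIT; normalise to the table's RFC 793 names.
            state = (state or "").replace("_", "-").replace("LISTENING", "LISTEN")
            rows.append({"proto": proto, "local": split_endpoint(local),
                         "remote": split_endpoint(remote), "state": state,
                         "pid": int(pid), "exe": None})
        elif rows and (e := EXE.match(line)):
            rows[-1]["exe"] = e.group(1)
    return rows

def listeners(rows):
    """Open ports: (port, exe) for every row in LISTEN, IPv4 and IPv6 merged."""
    return sorted({(int(r["local"][1]), r["exe"] or "unknown")
                   for r in rows if r["state"] == "LISTEN"})

def established_peers(rows):
    """Remote (address, port, exe) for every connection in ESTABLISHED."""
    return [(r["remote"][0], int(r["remote"][1]), r["exe"] or "unknown")
            for r in rows if r["state"] == "ESTABLISHED"]
```

To run it on real output, pass the contents of port.txt to parse_netstat. The -b switch only works from an elevated Command Prompt, so rows captured without it carry no executable name and show up as "unknown".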

You may not realize it, but your computer and your vehicle have something in common: they both need regular maintenance. No, you don’t need to change your computer’s oil. But you should be updating your software, keeping your antivirus subscription up to date, and checking for viruses.

Getting started

Here are some basic maintenance tasks you can do today to start improving your computer’s security. Be sure you make these part of your ongoing maintenance as well.

Sign up for software update e-mail notices. Many software companies will send you e-mail whenever a software update is available. This is particularly important for your operating system (e.g., Microsoft/Mac), your antivirus program, and your firewall.

Register your software. If you still have registration forms for existing software, send them in. And be sure to register new software in the future. This is another way for the software manufacturer to alert you when new updates are available.

Install software updates immediately. When you get an update notice, download the update immediately and install it. (Remember, downloading and installing are two separate tasks.)

A few simple steps will help you keep your files safe and clean.

Step 1: Update your software

Step 2: Backup your files

Step 3: Use antivirus software and keep it updated (some of the best antivirus software comes from McAfee, Symantec, Trend Micro, etc.)

Step 4: Change your passwords

Developing ongoing maintenance practices

Now that you’ve done some ground work, it’s time to start moving into longer term maintenance tasks. These are all tasks that you should do today (or as soon as possible) to get started. But for best results, make these a part of a regular maintenance schedule.

Back up your files. Backing up your files simply means creating a copy of your computer files that you can use in the event the originals are lost.

Scan your files with up-to-date antivirus software. Use your antivirus scan tool regularly to search for potential computer viruses and worms. Also, check your antivirus program’s user manual to see if you can schedule an automatic scan of your computer.

Change your passwords. Using the same password increases the odds that someone else will discover it. Change all of your passwords regularly to reduce your risk. Also, choose your passwords carefully and keep them complex.

The various forms of Safe Mode—with networking, without networking, with command prompt—load a minimal version of Windows with only the drivers and files needed to support that minimal version (like NTOSKRNL). These tools can be handy when something is preventing your system from booting and you suspect an errant driver. Whichever mode you choose, during boot, Windows will display a list of all the drivers and services as they’re loading. When you log out, the machine will restart as usual.

Safe Mode
Safe Mode starts Windows with only the drivers and services required to boot the computer.

Safe Mode with Networking
Safe Mode with Networking is Safe Mode that includes network support. Use this version when you need network support and you’re sure that the network drivers are not causing any problems. When you boot the computer into Directory Services Restore Mode, it’s booting into Safe Mode with Networking.

Safe Mode with Command Prompt
When you boot to this option, you’ll see a list of the files that Win2K is loading, and then the graphical interface will appear, running in 640×480. However, rather than loading the Desktop, Win2K will use the command prompt for its shell.

The Last Known Good Configuration
For example, if you load the wrong driver for your keyboard, you can boot to the Last Known Good menu to unload that driver and tell Win2K to use the one you had been using.

Before you edit the registry, export the keys in the registry that you plan to edit, or back up the whole registry. If a problem occurs, you can then follow the steps to restore the registry to its previous state.

How to Export Registry Keys

Click Start, and then click Run.

In the Open box, type regedit, and then click OK.

On the File menu, click Export.

In the Save in box, select the boxes at the bottom according to whether you want to export all or only selected branches of the registry.

Next, select a location in which to save the backup .reg file. In the File name box, type a file name, and then click Save.

How to Restore the Registry

To restore registry keys that you exported, double-click the .reg file that you saved.

This registry key actually stops the recreation of the shares, so it may also be necessary to delete the shares through the drive properties, or you can remove the shares through the Computer Management Console.

1. In Control Panel, double-click Administrative Tools, and then double-click Computer Management.

2. Click to expand Shared Folders, and then click Shares.

3. In the Shared Folder column, right-click the share you want to delete, click Stop sharing, and then click OK.

Note: To remove the admin share for only the current session, use the second method (Computer Management console); if you want a permanent removal, add the AutoShareWks registry